Unit – v Network Security, Cyber Laws and Compliance Standards

Unit V covers Network Security, Cyber Laws, and Compliance Standards, focusing on authentication protocols like Kerberos, IP Security implementation, email security protocols, and Public Key Infrastructure. It addresses various cyber threats and the legal framework for cyber crimes, as well as compliance standards such as ISO 27001 and PCI DSS. The unit aims to provide a comprehensive understanding of securing networks and adhering to legal and compliance requirements.

Uploaded by maheshlondhe873

Unit –V Network Security, Cyber Laws and Compliance Standards (12 Hrs.) 14 Marks
Unit Outcomes (UOs)
5a. Explain the given authentication protocols.
5b. Explain different ways to implement IP Security.
5c. Explain protocols related to Email security.
5d. Describe Public Key Infrastructure.

Topics and Sub-topics

5.1 Kerberos: Working, AS, TGS, SS
5.2 IP Security- overview, Protocols- AH, ESP, Modes- Transport & Tunnel.
5.3 Email security- SMTP, PEM, PGP.
5.4 Public Key Infrastructure (PKI): Introduction, Certificates, Certificate authority, X.509/PKIX certificate.
5.5 Introduction, Hacking, Digital Forgery, Cyber Stalking/Harassment, Cyber Pornography, Identity Theft and Fraud, Cyber Terrorism, Cyber Defamation
5.6 Cyber Laws: Introduction, need, Categories: Crime against Individual, Government, and property.
5.7 Compliance standards: Implementing an Information Security Management System, ISO 27001, ISO 20000, BS 25999, PCI DSS, ITIL framework, COBIT framework.

5.1 Kerberos:
According to Greek mythology, Kerberos (Cerberus) was the gigantic, three-headed dog of Hades that guards the gates of the underworld to prevent the dead from leaving.
Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. Kerberos was originally developed for Project Athena at MIT.

Main entities involved in Kerberos flow:

• Client: Initiates the communication for a service request. Acts on behalf of the user.
• Server: The server hosting the service the user wants to access.
• Authentication Server (AS): Performs client authentication. If the client is authenticated successfully, the AS issues a ticket called the TGT (Ticket Granting Ticket). The TGT proves to other servers that the client has been authenticated.
• Key Distribution Center (KDC): In a Kerberos environment, the authentication server is logically separated into three parts: Database (db), Authentication Server (AS) and Ticket Granting Server (TGS). Physically, these three parts exist on a single server, which is called the Key Distribution Center.
• Ticket Granting Server (TGS): An application server that issues service tickets as a service.

Working:
Kerberos operates by encrypting data with a symmetric key. With a symmetric key, both the client and the server agree to use a single encryption/decryption key for sending and receiving data. The key details are not sent directly between the two computers; they are sent to a key distribution center, or KDC, instead. The entire process takes a total of eight steps, as shown below:

1. The authentication server, or AS, receives the request from the client and verifies that the client is indeed the computer it claims to be. This is usually just a simple database lookup of the user's ID.
2. Upon verification, a timestamp is created. This puts the current time in a user session, along with an expiration date. The default expiration date of a timestamp is 8 hours. The encryption key is then created. The timestamp ensures that when the 8 hours are up, the encryption key is useless. (This limits what a hacker who intercepts the data and tries to crack the key can achieve. Almost all keys can be cracked, but doing so takes a lot longer than 8 hours.)
3. The key is sent back to the client in the form of a ticket-granting ticket, or TGT. This is a simple ticket that is issued by the authentication service. It is used for authenticating the client for future reference.
4. The client submits the ticket-granting ticket to the ticket-granting server, or TGS, to get authenticated.
5. The TGS creates an encrypted key with a timestamp, and grants the client a service ticket.
6. The client decrypts the ticket, tells the TGS it has done so, and then sends its own encrypted key to the service.
7. The service decrypts the key, and makes sure the timestamp is still valid. If it is, the service contacts the key distribution center to receive a session that is returned to the client.
8. The client decrypts the ticket. If the keys are still valid, communication is initiated between client and server.
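The ticket flow above can be traced in code. The following is an added example, not part of the original notes: a simplified model in which the AS and TGS seal tickets under keys from the KDC database and each ticket carries the 8-hour expiry. The function names, the user "alice" and the toy encrypt-then-MAC construction (a stand-in for a real cipher) are assumptions made for illustration.

```python
import hashlib, hmac, json, os

LIFETIME = 8 * 3600  # the 8-hour default lifetime from step 2

def _xor(key, nonce, data):
    # SHA-256 counter-mode keystream: a teaching stand-in for a real cipher
    ks = b"".join(hashlib.sha256(key + nonce + bytes([i])).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(key, obj):
    """Encrypt-then-MAC a JSON object under a shared symmetric key."""
    nonce = os.urandom(16)
    ct = _xor(key, nonce, json.dumps(obj).encode())
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    """Return the object, or None if the key is wrong or the blob was altered."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return json.loads(_xor(key, nonce, ct)) if hmac.compare_digest(tag, good) else None

def issue(verifier_key, holder_key, client, now):
    """AS/TGS: new session key, sealed for the holder and inside a ticket."""
    sk = os.urandom(16).hex()
    ticket = seal(verifier_key, {"client": client, "sk": sk, "exp": now + LIFETIME})
    return seal(holder_key, {"sk": sk}), ticket

def accept(own_key, ticket, now):
    """TGS/service: open a ticket sealed under own_key; None if forged or expired."""
    t = unseal(own_key, ticket)
    return t if t is not None and now <= t["exp"] else None

def demo(now=1_700_000_000):  # constructed clock value, in seconds
    k_client, k_tgs, k_svc = (os.urandom(32) for _ in range(3))   # KDC database
    part, tgt = issue(k_tgs, k_client, "alice", now)              # steps 1-3: AS
    sk_tgs = unseal(k_client, part)["sk"].encode()                # client opens its part
    t = accept(k_tgs, tgt, now + 60)                              # step 4: TGS checks TGT
    part2, st = issue(k_svc, t["sk"].encode(), t["client"], now + 60)  # step 5
    sk_svc = unseal(sk_tgs, part2)["sk"]                          # step 6: client
    seen = accept(k_svc, st, now + 120)                           # step 7: service
    return {"keys_match": seen["sk"] == sk_svc,                   # step 8
            "client_cannot_read_tgt": unseal(k_client, tgt) is None,
            "expired_rejected": accept(k_svc, st, now + 60 + LIFETIME + 1) is None}

if __name__ == "__main__":
    print(demo())
```

The client never holds the TGS or service key, so it can carry a ticket but cannot read or alter it; the service accepts the ticket only while the expiry inside it has not passed.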
5.2 IP Security
IP Security Issues
• Eavesdropping
• Modification of packets in transit
• Identity spoofing (forged source IP addresses)
• Denial of service
IPsec aims to provide a framework of open standards for secure communications over IP. The IP security architecture (IPsec) provides cryptographic protection for IP datagrams in IPv4 and IPv6 network packets. The IPsec architecture uses two protocols to secure the traffic or data flow: ESP (Encapsulating Security Payload) and AH (Authentication Header). The architecture also includes algorithms, the DOI (Domain of Interpretation), and key management. All these components are needed to provide the following main services:
• Confidentiality: by encrypting our data, nobody except the sender and receiver will be able to read our data.
• Integrity: we want to make sure that nobody changes the data in our packets. By calculating a hash value, the sender and receiver will be able to check if changes have been made to the packet.
• Authentication: the sender and receiver will authenticate each other to make sure that we are really talking with the device we intend to.
• Anti-Replay: even if a packet is encrypted and authenticated, an attacker could try to capture these packets and send them again. By using sequence numbers, IPsec will not transmit any duplicate packets.

The IPsec standards define two distinct modes of IPsec operation:

• Transport Mode
• Tunnel Mode

The modes do not affect the encoding of packets. The packets are protected by AH, ESP, or both in each mode. The modes differ in policy application when the inner packet is an IP packet, as follows:

In transport mode, the outer header determines the IPsec policy that protects the inner IP packet.
In tunnel mode, the inner IP packet determines the IPsec policy that protects its contents.

In transport mode, the outer header, the next header, and any ports that the next header supports, can be used to determine IPsec policy. In effect, IPsec can enforce different transport mode policies between two IP addresses to the granularity of a single port. For example, if the next header is TCP, which supports ports, then IPsec policy can be set for a TCP port of the outer IP address. Similarly, if the next header is an IP header, the outer header and the inner IP header can be used to determine IPsec policy.

Tunnel mode works only for IP-in-IP datagrams. Tunneling in tunnel mode can be useful when computer workers at home are connecting to a central computer location. In tunnel mode, IPsec policy is enforced on the contents of the inner IP datagram. Different IPsec policies can be enforced for different inner IP addresses. That is, the inner IP header, its next header, and the ports that the next header supports, can enforce a policy. Unlike transport mode, in tunnel mode the outer IP header does not dictate the policy of its inner IP datagram.
